URL: http://df16889.com/
Submission: On October 28 via api from US

Summary

This website contacted 9 IPs in 4 countries across 6 domains to perform 29 HTTP transactions. The main IP is 27.124.38.131, located in Cambodia and belongs to BCPL-SG BGPNET Global ASN, SG. The main domain is df16889.com.
This is the only time df16889.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 27.124.38.131 64050 (BCPL-SG B...)
2 163.171.131.240 54994 (QUANTILNE...)
1 27.124.38.135 64050 (BCPL-SG B...)
8 47.246.43.167 24429 (TAOBAO Zh...)
1 106.75.71.247 4808 (CHINA169-...)
1 117.50.9.253 4808 (CHINA169-...)
1 203.107.43.76 37963 (CNNIC-ALI...)
2 106.75.80.66 4808 (CHINA169-...)
29 9
Domain Requested by
12 df16889.com df16889.com
8 static.meiqia.com df16889.com, static.meiqia.com
2 ewapcollision.shareinstall.com.cn www.shareinstall.com.cn
1 imgmini.eastday.com
1 new-api.meiqia.com static.meiqia.com
1 statlog.shareinstall.com www.shareinstall.com.cn
1 check.shareinstall.com.cn www.shareinstall.com.cn
1 dafaqipaizx.com df16889.com
1 www.shareinstall.com.cn df16889.com
29 9

This site contains links to these domains.

Domain
chat.meiqiapaas.com
Subject | Issuer | Validity | Valid
dafaqipaizx.com | Sectigo RSA Domain Validation Secure Server CA | 2020-04-18 - 2021-04-18 | a year
*.meiqia.com | RapidSSL RSA CA 2018 | 2020-04-20 - 2022-07-20 | 2 years
*.shareinstall.com | WoSign DV SSL CA | 2019-08-19 - 2021-01-02 | a year
*.shareinstall.com.cn | GeoTrust CN RSA CA G1 | 2020-09-24 - 2021-09-25 | a year

This page contains 4 frames:

Primary Page: http://df16889.com/
Frame ID: 5F328F4ED9AE5A5C79EF22DEE031B15D
Requests: 22 HTTP requests in this frame

Frame: https://static.meiqia.com/widget/sync-cookie.html?v=2
Frame ID: 8A4421C993C5CB5EEC632728F37B8FBD
Requests: 1 HTTP requests in this frame

Frame: https://static.meiqia.com/widget/vendor-9dddb67bb0b08ea879a2.js
Frame ID: A6B30104F5ECD34ABEE05362638F26F4
Requests: 2 HTTP requests in this frame

Frame: https://static.meiqia.com/widget/static/new-chat.ogg
Frame ID: CB741AF15AB89CD8FB2770315137C948
Requests: 3 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 29
HTTPS: 45 %
IPv6: 0 %
Domains: 6
Subdomains: 9
IPs: 9
Countries: 4
Transfer: 954 kB
Size: 1689 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
df16889.com/
13 KB
5 KB
Document
General
Full URL
http://df16889.com/
Protocol
HTTP/1.1
Server
27.124.38.131 , Cambodia, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
Microsoft-IIS/7.5 /
Resource Hash
e785089e10548072ed6dc099da7cfc3d11294d4c50e93cc6dd3947075075aaa5

Request headers

Host
df16889.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Access-Control-Allow-Max-Age
86400
Access-Control-Allow-Headers
X-Custom-Header,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods
GET,HEAD,POST,PUT,DELETE,OPTIONS,PATCH
Access-Control-Allow-Origin
*
ETag
"0e0e51f8da0d61:0"
Content-Type
text/html
Content-Encoding
gzip
Last-Modified
Mon, 12 Oct 2020 11:45:04 GMT
Accept-Ranges
bytes
Vary
Accept-Encoding
Server
Microsoft-IIS/7.5
Date
Wed, 28 Oct 2020 07:05:00 GMT
X-Cache
HIT from japan2-for-china
Content-Length
4588
jquery.min.js
df16889.com/js/
94 KB
94 KB
Script
General
Full URL
http://df16889.com/js/jquery.min.js
Requested by
Host: df16889.com
URL: http://df16889.com/
Protocol
HTTP/1.1
Server
27.124.38.131 , Cambodia, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
Microsoft-IIS/7.5 /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Referer
http://df16889.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36

Response headers

Date
Tue, 27 Oct 2020 12:11:52 GMT
Last-Modified
Sat, 16 May 2020 13:17:28 GMT
Server
Microsoft-IIS/7.5
Access-Control-Allow-Max-Age
86400
ETag
"064d458842bd61:0"
Access-Control-Allow-Methods
GET,HEAD,POST,PUT,DELETE,OPTIONS,PATCH
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=36000
X-Cache
HIT from japan2-for-china
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Custom-Header,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Content-Length
95786
layer.js
df16889.com/files/
3 KB
2 KB
Script
General
Full URL
http://df16889.com/files/layer.js
Requested by
Host: df16889.com
URL: http://df16889.com/
Protocol
HTTP/1.1
Server
27.124.38.131 , Cambodia, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
Microsoft-IIS/7.5 /
Resource Hash
2fc4428e63cd5bd982210576674877bd1ba3eb59b9f4686d3668fd94530fa4b7

Request headers

Referer
http://df16889.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36

Response headers

Date
Tue, 27 Oct 2020 11:28:54 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 May 2020 10:10:48 GMT
Server
Microsoft-IIS/7.5
Access-Control-Allow-Max-Age
86400
ETag
"0c4dec5e29d61:0"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,HEAD,POST,PUT,DELETE,OPTIONS,PATCH
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=36000
X-Cache
HIT from japan2-for-china
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Custom-Header,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Content-Length
1545
jshareinstall.min.js
www.shareinstall.com.cn/js/page/
21 KB
21 KB
Script
General
Full URL
http://www.shareinstall.com.cn/js/page/jshareinstall.min.js
Requested by
Host: df16889.com
URL: http://df16889.com/
Protocol
HTTP/1.1
Server
163.171.131.240 , France, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
WS-web-server /
Resource Hash
f80ddf46c3c138e82223dd57f73e57fdf836bf726582387ad6efee05fc058a0d

Request headers

Referer
http://df16889.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36

Response headers

Date
Wed, 28 Oct 2020 07:33:40 GMT
Last-Modified
Mon, 14 Sep 2020 07:16:49 GMT
Server
WS-web-server
Age
1
ETag
"Ftn0z5ZVCG5fKwpwN_nGiqLv3FEF"
X-Ws-Request-Id
5f991ed4_PSfgblPAR1ai68_47091-21073
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21453
X-Via
1.1 VMmgasbIAD1am50:3 (Cdn Cache Server V2.0), 1.1 PSfgblPAR1nl229:1 (Cdn Cache Server V2.0)
X-Reqid
202429121210736220201028042626rDeKBOkssampled
pid.js
dafaqipaizx.com/
26 KB
4 KB
Script
General
Full URL
https://dafaqipaizx.com/pid.js
Requested by
Host: df16889.com
URL: http://df16889.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
27.124.38.135 , Cambodia, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
Microsoft-IIS/7.5 /
Resource Hash
5c84e3b298ef7f155c8d652f078613f7a1deaca320112fa3f62d6e41fd1108ee

Request headers

Referer
http://df16889.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36

Response headers

Date
Tue, 27 Oct 2020 11:31:55 GMT
Content-Encoding
gzip
Last-Modified
Thu, 13 Aug 2020 07:21:50 GMT
Server
Microsoft-IIS/7.5
Access-Control-Allow-Max-Age
86400
ETag
"0bb27694271d61:0"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,HEAD,POST,PUT,DELETE,OPTIONS,PATCH
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=36000
X-Cache
HIT from japan2-for-china
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Custom-Header,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Content-Length
3846
21.gif
df16889.com/img/
36 KB
37 KB
Image
General
Full URL
http://df16889.com/img/21.gif
Requested by
Host: df16889.com
URL: http://df16889.com/
Protocol
HTTP/1.1
Server
27.124.38.131 , Cambodia, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
Microsoft-IIS/7.5 /
Resource Hash
a94b408490f9e4d35dff365e89cc24af6af47db6ab1e7560cbd0be16e7603a59

Request headers

Referer
http://df16889.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36

Response headers

Date
Tue, 27 Oct 2020 11:28:55 GMT
Last-Modified
Sun, 24 May 2020 06:37:52 GMT
Server
Microsoft-IIS/7.5
ETag
"02053d99531d61:0"
Vary
Accept
Access-Control-Allow-Methods
GET,HEAD,POST,PUT,DELETE,OPTIONS,PATCH
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
max-age=36000
Accept-Ranges
bytes
X-Cache
HIT from japan2-for-china
Access-Control-Allow-Max-Age
86400
Access-Control-Allow-Headers
X-Custom-Header,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Content-Length
36812
ico-1.png
df16889.com/img/
9 KB
10 KB
Image
General
Full URL
http://df16889.com/img/ico-1.png
Requested by
Host: df16889.com
URL: http://df16889.com/
Protocol
HTTP/1.1
Server
27.124.38.131 , Cambodia, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
Microsoft-IIS/7.5 /
Resource Hash
4c33e012fdcf08e65209d731f4b28611d1a1a4336888bea08a8ad1a520872288

Request headers

Referer
http://df16889.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36

Response headers

Date
Tue, 27 Oct 2020 11:28:55 GMT
Last-Modified
Sun, 24 May 2020 06:37:52 GMT
Server
Microsoft-IIS/7.5
ETag
"02053d99531d61:0"
Vary
Accept
Access-Control-Allow-Methods
GET,HEAD,POST,PUT,DELETE,OPTIONS,PATCH
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
max-age=36000
Accept-Ranges
bytes
X-Cache
HIT from japan2-for-china
Access-Control-Allow-Max-Age
86400
Access-Control-Allow-Headers
X-Custom-Header,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Content-Length
9430
bg1.jpg
df16889.com/img/
84 KB
85 KB
Image
General
Full URL
http://df16889.com/img/bg1.jpg
Requested by
Host: df16889.com
URL: http://df16889.com/
Protocol
HTTP/1.1
Server
27.124.38.131 , Cambodia, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
Microsoft-IIS/7.5 /
Resource Hash
2e17c3614a4e2661e28ac1f40c12af8f70d8d58165aabfb8a9ee3cf7a90a84cd

Request headers

Referer
http://df16889.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36

Response headers

Date
Tue, 27 Oct 2020 11:28:55 GMT
Last-Modified
Mon, 25 May 2020 09:31:38 GMT
Server
Microsoft-IIS/7.5
ETag
"0391e4a7732d61:0"
Vary
Accept
Access-Control-Allow-Methods
GET,HEAD,POST,PUT,DELETE,OPTIONS,PATCH
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
max-age=36000
Accept-Ranges
bytes
X-Cache
HIT from japan2-for-china
Access-Control-Allow-Max-Age
86400
Access-Control-Allow-Headers
X-Custom-Header,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Content-Length
86230
bg2.jpg
df16889.com/img/
35 KB
36 KB
Image
General
Full URL
http://df16889.com/img/bg2.jpg
Requested by
Host: df16889.com
URL: http://df16889.com/
Protocol
HTTP/1.1
Server
27.124.38.131 , Cambodia, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
Microsoft-IIS/7.5 /
Resource Hash
955d1ae502dfbc8794692fb128e1581785c5ea52737f02443688d27f6546281b

Request headers

Referer
http://df16889.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36

Response headers

Date
Tue, 27 Oct 2020 11:28:56 GMT
Last-Modified
Sun, 24 May 2020 06:37:52 GMT
Server
Microsoft-IIS/7.5
ETag
"02053d99531d61:0"
Vary
Accept
Access-Control-Allow-Methods
GET,HEAD,POST,PUT,DELETE,OPTIONS,PATCH
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
max-age=36000
Accept-Ranges
bytes
X-Cache
HIT from japan2-for-china
Access-Control-Allow-Max-Age
86400
Access-Control-Allow-Headers
X-Custom-Header,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Content-Length
35774
dj1.png
df16889.com/img/
7 KB
8 KB
Image
General
Full URL
http://df16889.com/img/dj1.png
Requested by
Host: df16889.com
URL: http://df16889.com/
Protocol
HTTP/1.1
Server
27.124.38.131 , Cambodia, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
Microsoft-IIS/7.5 /
Resource Hash
242a26c71a3e754c8b0ba4ae99c0bc8533f647389317ea3c7a702457f2f787df

Request headers

Referer
http://df16889.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36

Response headers

Date
Tue, 27 Oct 2020 11:28:55 GMT
Last-Modified
Sun, 24 May 2020 06:37:52 GMT
Server
Microsoft-IIS/7.5
ETag
"02053d99531d61:0"
Vary
Accept
Access-Control-Allow-Methods
GET,HEAD,POST,PUT,DELETE,OPTIONS,PATCH
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
max-age=36000
Accept-Ranges
bytes
X-Cache
HIT from japan2-for-china
Access-Control-Allow-Max-Age
86400
Access-Control-Allow-Headers
X-Custom-Header,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Content-Length
7522
bg3.jpg
df16889.com/img/
60 KB
61 KB
Image
General
Full URL
http://df16889.com/img/bg3.jpg
Requested by
Host: df16889.com
URL: http://df16889.com/
Protocol
HTTP/1.1
Server
27.124.38.131 , Cambodia, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
Microsoft-IIS/7.5 /
Resource Hash
2f5374fad6c42289734c68115d5f6d08e20af5155eaef076ec59dc5ce7e0dd82

Request headers

Referer
http://df16889.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36

Response headers

Date
Tue, 27 Oct 2020 11:28:55 GMT
Last-Modified
Sun, 24 May 2020 06:37:52 GMT
Server
Microsoft-IIS/7.5
ETag
"02053d99531d61:0"
Vary
Accept
Access-Control-Allow-Methods
GET,HEAD,POST,PUT,DELETE,OPTIONS,PATCH
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
max-age=36000
Accept-Ranges
bytes
X-Cache
HIT from japan2-for-china
Access-Control-Allow-Max-Age
86400
Access-Control-Allow-Headers
X-Custom-Header,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Content-Length
61654
bg4.jpg
df16889.com/img/
72 KB
73 KB
Image
General
Full URL
http://df16889.com/img/bg4.jpg
Requested by
Host: df16889.com
URL: http://df16889.com/
Protocol
HTTP/1.1
Server
27.124.38.131 , Cambodia, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
Microsoft-IIS/7.5 /
Resource Hash
90601b4c8d2ecb27cc087030398adf5def6d89fa0c5d740684a4f4da4baa7b0b

Request headers

Referer
http://df16889.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36

Response headers

Date
Tue, 27 Oct 2020 11:28:55 GMT
Last-Modified
Sun, 24 May 2020 06:37:52 GMT
Server
Microsoft-IIS/7.5
ETag
"02053d99531d61:0"
Vary
Accept
Access-Control-Allow-Methods
GET,HEAD,POST,PUT,DELETE,OPTIONS,PATCH
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
max-age=36000
Accept-Ranges
bytes
X-Cache
HIT from japan2-for-china
Access-Control-Allow-Max-Age
86400
Access-Control-Allow-Headers
X-Custom-Header,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Content-Length
74236
left.png
df16889.com/img/
6 KB
6 KB
Image
General
Full URL
http://df16889.com/img/left.png
Requested by
Host: df16889.com
URL: http://df16889.com/
Protocol
HTTP/1.1
Server
27.124.38.131 , Cambodia, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
Microsoft-IIS/7.5 /
Resource Hash
a7b49a20f0585d208430bae435a65676d4eaf206813bbaac23fda8c2649d5c3e

Request headers

Referer
http://df16889.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36

Response headers

Date
Tue, 27 Oct 2020 11:28:55 GMT
Last-Modified
Mon, 25 May 2020 09:29:22 GMT
Server
Microsoft-IIS/7.5
ETag
"045ef97632d61:0"
Vary
Accept
Access-Control-Allow-Methods
GET,HEAD,POST,PUT,DELETE,OPTIONS,PATCH
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
max-age=36000
Accept-Ranges
bytes
X-Cache
HIT from japan2-for-china
Access-Control-Allow-Max-Age
86400
Access-Control-Allow-Headers
X-Custom-Header,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Content-Length
5886
layer.css
df16889.com/files/need/
5 KB
6 KB
Stylesheet
General
Full URL
http://df16889.com/files/need/layer.css?2.0
Requested by
Host: df16889.com
URL: http://df16889.com/files/layer.js
Protocol
HTTP/1.1
Server
27.124.38.131 , Cambodia, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
Microsoft-IIS/7.5 /
Resource Hash
eecc7effcae5f246e6212c30c525cee9e11cadedc7d32aa6def213f1a90d98f6

Request headers

Referer
http://df16889.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36

Response headers

Date
Tue, 27 Oct 2020 11:46:52 GMT
Last-Modified
Wed, 13 May 2020 10:44:04 GMT
Server
Microsoft-IIS/7.5
Access-Control-Allow-Max-Age
86400
ETag
"032946b1329d61:0"
Access-Control-Allow-Methods
GET,HEAD,POST,PUT,DELETE,OPTIONS,PATCH
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=36000
X-Cache
HIT from japan2-for-china
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Custom-Header,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Content-Length
5260
meiqia.js
static.meiqia.com/dist/
8 KB
5 KB
Script
General
Full URL
https://static.meiqia.com/dist/meiqia.js?_=t
Requested by
Host: df16889.com
URL: http://df16889.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
47.246.43.167 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
61258aef1ce5f090bdeee18b9f693dd28076b0e7f27efb9b04f6c60409c932d8
Security Headers
Name Value
Strict-Transport-Security max-age=5184000

Request headers

Referer
http://df16889.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36

Response headers

strict-transport-security
max-age=5184000
via
cache23.l2ot7-1[0,304-0,H], cache39.l2ot7-1[0,0], cache14.de2[0,200-0,H], cache9.de2[1,0]
etag
W/"9082ddeecedd16dcd3d91dc1c57949d3"
age
279
x-cache-status
HIT
x-cache
HIT TCP_MEM_HIT dirn:9:158119208
status
200
x-swift-cachetime
300
x-swift-savetime
Wed, 28 Oct 2020 07:31:05 GMT
content-encoding
br
x-amz-request-id
6T5QFT5KAW6KEZCW
last-modified
Thu, 22 Oct 2020 07:07:51 GMT
server
Tengine
date
Wed, 28 Oct 2020 07:29:04 GMT
vary
Accept-Encoding, Accept-Encoding
ali-swift-global-savetime
1603786533
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=300
x-amz-version-id
dIxfoDXuxQOayftW97uJAPvcZiqQ37GD
timing-allow-origin
*
eagleid
2ff62b9d16038704233085527e
expires
Wed, 28 Oct 2020 07:34:04 GMT
wwwroot
check.shareinstall.com.cn/
249 B
417 B
XHR
General
Full URL
http://check.shareinstall.com.cn/wwwroot
Requested by
Host: www.shareinstall.com.cn
URL: http://www.shareinstall.com.cn/js/page/jshareinstall.min.js
Protocol
HTTP/1.1
Server
106.75.71.247 , China, ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN),
Reverse DNS
Software
Tengine / PHP/7.2.21
Resource Hash
514f2e07e39ac88bfbc8e9b7123425cfc64c7538d3b4bcf383c8aa887a5dba7a

Request headers

Referer
http://df16889.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

Date
Wed, 28 Oct 2020 07:33:43 GMT
Content-Encoding
gzip
Server
Tengine
X-Powered-By
PHP/7.2.21
Vary
Accept-Encoding
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
wapopen
statlog.shareinstall.com/shareinstall_log/
22 B
190 B
Script
General
Full URL
https://statlog.shareinstall.com/shareinstall_log/wapopen?jsonpcallback=getVisit&uid=2b5ebd8f-48e6-4cac-89c8-e6c1348668a9&appkey=KEBK6ERBEE72KF&os=ios&channel=null&url=http://df16889.com/
Requested by
Host: www.shareinstall.com.cn
URL: http://www.shareinstall.com.cn/js/page/jshareinstall.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
117.50.9.253 , China, ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
e252d1d19970661965a0301d9702a711d9c108cfae1f846228d70bfcbd4da18e

Request headers

Referer
http://df16889.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36

Response headers

Date
Wed, 28 Oct 2020 07:33:43 GMT
Server
Apache-Coyote/1.1
Transfer-Encoding
chunked
Content-Type
application/json;charset=UTF-8
entrypoint-v2020.10.22.3.js
static.meiqia.com/widget/
128 KB
54 KB
Script
General
Full URL
https://static.meiqia.com/widget/entrypoint-v2020.10.22.3.js
Requested by
Host: static.meiqia.com
URL: https://static.meiqia.com/dist/meiqia.js?_=t
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
47.246.43.167 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
8e3c5111f23f4cdf5baf5607ed481e01a4e4b6a2a61d1082869ed940dc13cb32
Security Headers
Name Value
Strict-Transport-Security max-age=5184000

Request headers

Referer
http://df16889.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36

Response headers

strict-transport-security
max-age=5184000
via
cache30.l2ot7-1[0,200-0,H], cache28.l2ot7-1[1,0], cache2.de2[0,200-0,H], cache9.de2[1,0]
etag
W/"504c464503e7b2a47bba06e71d9a73fd"
age
519932
x-cache-status
HIT
x-cache
HIT TCP_MEM_HIT dirn:9:346797510
status
200
x-swift-cachetime
315359890
x-swift-savetime
Thu, 22 Oct 2020 07:10:01 GMT
content-encoding
br
x-amz-request-id
A6C3E6DE5BB5157C
last-modified
Thu, 22 Oct 2020 07:07:51 GMT
server
Tengine
date
Thu, 22 Oct 2020 07:08:11 GMT
vary
Accept-Encoding, Accept-Encoding
ali-swift-global-savetime
1603350491
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-amz-version-id
ZnDHVXC5iYr7HZ7DbqrXFabW5j_cf_I7
timing-allow-origin
*
eagleid
2ff62b9d16038704233565678e
expires
Thu, 31 Dec 2037 23:55:55 GMT
sync-cookie.html
static.meiqia.com/widget/ Frame 8A44
0
0
Document
General
Full URL
https://static.meiqia.com/widget/sync-cookie.html?v=2
Requested by
Host: static.meiqia.com
URL: https://static.meiqia.com/widget/entrypoint-v2020.10.22.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
47.246.43.167 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=5184000

Request headers

:method
GET
:authority
static.meiqia.com
:scheme
https
:path
/widget/sync-cookie.html?v=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://df16889.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
server
Tengine
content-type
text/html
vary
Accept-Encoding Accept-Encoding
strict-transport-security
max-age=5184000
date
Tue, 14 Jul 2020 01:48:11 GMT
x-amz-request-id
5EF60165513E7DA7
last-modified
Mon, 13 Jul 2020 02:57:13 GMT
etag
W/"183ecedd8abd2915fa3e74a7fa9e6173"
x-amz-version-id
yNqcO7Smw7fJqNG2buscNeyKHWttsk3t
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
x-cache-status
HIT
ali-swift-global-savetime
1594691291
via
cache16.l2ot7-1[0,200-0,H], cache37.l2ot7-1[1,0], cache5.de2[0,200-0,H], cache9.de2[1,0]
age
9179132
x-cache
HIT TCP_MEM_HIT dirn:9:321952261
x-swift-savetime
Thu, 24 Sep 2020 09:19:23 GMT
x-swift-cachetime
309112128
content-encoding
br
access-control-allow-origin
*
timing-allow-origin
*
eagleid
2ff62b9d16038704234786023e
vendor-9dddb67bb0b08ea879a2.js
static.meiqia.com/widget/ Frame A6B3
697 KB
287 KB
Script
General
Full URL
https://static.meiqia.com/widget/vendor-9dddb67bb0b08ea879a2.js
Requested by
Host: static.meiqia.com
URL: https://static.meiqia.com/widget/entrypoint-v2020.10.22.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
47.246.43.167 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
260dd28889bfe50ed4e078952a6c231133e7457abbb12b4b2ba87dad28d499a8
Security Headers
Name Value
Strict-Transport-Security max-age=5184000

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36

Response headers

strict-transport-security
max-age=5184000
via
cache11.l2ot7-1[0,200-0,H], cache28.l2ot7-1[1,0], cache9.de2[0,200-0,H], cache9.de2[1,0]
etag
W/"08ce5a6314d773db0acbeead5d64840f"
age
537932
x-cache-status
HIT
x-cache
HIT TCP_MEM_HIT dirn:9:72050172
status
200
x-swift-cachetime
315359959
x-swift-savetime
Thu, 22 Oct 2020 02:08:52 GMT
content-encoding
br
x-amz-request-id
B1DC4C127692BBB3
last-modified
Thu, 22 Oct 2020 02:07:16 GMT
server
Tengine
date
Thu, 22 Oct 2020 02:08:11 GMT
vary
Accept-Encoding, Accept-Encoding
ali-swift-global-savetime
1603332491
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-amz-version-id
.lAQQv4Yo1d3X62xw.U6wthRURJGhJ9_
timing-allow-origin
*
eagleid
2ff62b9d16038704235396185e
expires
Thu, 31 Dec 2037 23:55:55 GMT
app-v2020.10.22.3.js
static.meiqia.com/widget/ Frame A6B3
346 KB
121 KB
Script
General
Full URL
https://static.meiqia.com/widget/app-v2020.10.22.3.js
Requested by
Host: static.meiqia.com
URL: https://static.meiqia.com/widget/entrypoint-v2020.10.22.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
47.246.43.167 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
c300665e9dfff4deffacd71cc9e44d4a16df952de81167e118ccc1375bd2f432
Security Headers
Name Value
Strict-Transport-Security max-age=5184000

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36

Response headers

strict-transport-security
max-age=5184000
via
cache35.l2ot7-1[0,200-0,H], cache40.l2ot7-1[0,0], cache13.de2[0,200-0,H], cache9.de2[8,0]
etag
W/"9112682ffd837f355c2a123664c037e6"
age
519929
x-cache-status
HIT
x-cache
HIT TCP_MEM_HIT dirn:11:408035857
status
200
x-swift-cachetime
315359891
x-swift-savetime
Thu, 22 Oct 2020 07:10:03 GMT
content-encoding
br
x-amz-request-id
F2FF90244073B8E1
last-modified
Thu, 22 Oct 2020 07:07:46 GMT
server
Tengine
date
Thu, 22 Oct 2020 07:08:14 GMT
vary
Accept-Encoding, Accept-Encoding
ali-swift-global-savetime
1603350494
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-amz-version-id
iMa1QHWy3FH2FqvW3RarAU1eKg8D7G.Y
timing-allow-origin
*
eagleid
2ff62b9d16038704235396187e
expires
Thu, 31 Dec 2037 23:55:55 GMT
get_base_config
new-api.meiqia.com/visit/
109 B
334 B
XHR
General
Full URL
https://new-api.meiqia.com/visit/get_base_config?ent_id=204549
Requested by
Host: static.meiqia.com
URL: https://static.meiqia.com/widget/entrypoint-v2020.10.22.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.107.43.76 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
openresty /
Resource Hash
347f9230bd59c33f731122e635cdb9b69659a2219c8e3e353d86105bc75f614b

Request headers

Accept
application/json
Referer
http://df16889.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36

Response headers

Access-Control-Allow-Origin
http://df16889.com
Date
Wed, 28 Oct 2020 07:33:56 GMT
Content-Encoding
gzip
Server
openresty
Content-Length
103
Vary
Accept-Encoding
Content-Type
application/json
new-chat.ogg
static.meiqia.com/widget/static/ Frame CB74
13 KB
13 KB
Media
General
Full URL
https://static.meiqia.com/widget/static/new-chat.ogg
Requested by
Host: df16889.com
URL: http://df16889.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
47.246.43.167 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
68b3165ec6baf7337b62f12b48d4e741dc31879d1be01386897fc3da0b6a215a
Security Headers
Name Value
Strict-Transport-Security max-age=5184000

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36
Range
bytes=0-

Response headers

strict-transport-security
max-age=5184000
via
cache23.l2ot7-1[0,206-0,H], cache30.l2ot7-1[0,0], cache14.de2[0,206-0,H], cache9.de2[1,0]
etag
"000361055ba6323bd77b87a9b6c720e1"
age
9179117
x-cache-status
HIT
x-cache
HIT TCP_MEM_HIT dirn:11:56412180
status
206
x-swift-cachetime
309112134
x-swift-savetime
Thu, 24 Sep 2020 09:19:32 GMT
x-amz-request-id
5C1F955396249AA9
Content-Range
bytes 0-13153/13154
last-modified
Mon, 13 Jul 2020 02:57:13 GMT
server
Tengine
date
Tue, 14 Jul 2020 01:48:26 GMT
ali-swift-global-savetime
1594691306
content-type
audio/ogg
access-control-allow-origin
*
cache-control
max-age=315360000
x-amz-version-id
JMmRQG2nD5AJSPmw.4E6Rw5N6qirrJbW
Content-Length
13154
timing-allow-origin
*
eagleid
2ff62b9d16038704238887167e
expires
Thu, 31 Dec 2037 23:55:55 GMT
new-message.ogg
static.meiqia.com/widget/static/ Frame CB74
6 KB
6 KB
Media
General
Full URL
https://static.meiqia.com/widget/static/new-message.ogg
Requested by
Host: df16889.com
URL: http://df16889.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
47.246.43.167 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
24de5dcb61980c9fb74d909017a1e22afc1eab7b9557c114e3d31f310cb3a589
Security Headers
Name Value
Strict-Transport-Security max-age=5184000

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36
Range
bytes=0-

Response headers

strict-transport-security
max-age=5184000
via
cache32.l2ot7-1[0,206-0,H], cache26.l2ot7-1[0,0], cache10.de2[0,206-0,H], cache9.de2[1,0]
etag
"20c917be9af04d47529a9b8d9bb97f86"
age
36454270
x-cache-status
MISS
x-cache
HIT TCP_MEM_HIT dirn:9:422295591
status
206
x-swift-cachetime
281836981
x-swift-savetime
Thu, 24 Sep 2020 09:19:32 GMT
x-amz-request-id
3AD2EEA5909AE9D4
Content-Range
bytes 0-5890/5891
last-modified
Fri, 30 Aug 2019 08:40:11 GMT
server
Tengine
date
Mon, 02 Sep 2019 09:22:33 GMT
ali-swift-global-savetime
1567416153
content-type
audio/ogg
access-control-allow-origin
*
cache-control
max-age=315360000
x-amz-version-id
utNzE5Rgt3LoXpkgBZRo7BE2V78ubI_k
Content-Length
5891
timing-allow-origin
*
eagleid
2ff62b9d16038704238897168e
expires
Thu, 31 Dec 2037 23:55:55 GMT
sent-message.ogg
static.meiqia.com/widget/static/ Frame CB74
9 KB
9 KB
Media
General
Full URL
https://static.meiqia.com/widget/static/sent-message.ogg
Requested by
Host: df16889.com
URL: http://df16889.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
47.246.43.167 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
e8c5d4e9b26f6327cfc4d103bc6d5e8c5a641a5a24085b1b66129bee55ad1b4f
Security Headers
Name Value
Strict-Transport-Security max-age=5184000

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36
Range
bytes=0-

Response headers

strict-transport-security
max-age=5184000
via
cache34.l2ot7-1[0,206-0,H], cache23.l2ot7-1[1,0], cache3.de2[0,206-0,H], cache9.de2[4,0]
etag
"bebdf32f64a0c27b36033871882647c8"
age
36048627
x-cache-status
MISS
x-cache
HIT TCP_MEM_HIT dirn:10:64365114
status
206
x-swift-cachetime
279607929
x-swift-savetime
Sat, 24 Oct 2020 21:11:07 GMT
x-amz-request-id
6146713C3B5CAD9F
Content-Range
bytes 0-8821/8822
last-modified
Thu, 05 Sep 2019 08:44:17 GMT
server
Tengine
date
Sat, 07 Sep 2019 02:03:16 GMT
ali-swift-global-savetime
1567821796
content-type
audio/ogg
access-control-allow-origin
*
cache-control
max-age=315360000
x-amz-version-id
ZPdEX0FrioLPI5oyXeGkHWVZQIeOV8cN
Content-Length
8822
timing-allow-origin
*
eagleid
2ff62b9d16038704238897172e
expires
Thu, 31 Dec 2037 23:55:55 GMT
wap.h
ewapcollision.shareinstall.com.cn/eshareinstall/
730 B
1 KB
XHR
General
Full URL
https://ewapcollision.shareinstall.com.cn/eshareinstall/wap.h?code=7bT1_vf4-PP61fny87SstLS6tOXhtKy0p6CmprS6tOX-tKy0p6SmprS6tOXmtKy0p7imtLq08eC0rLS0urTx5LSstLS6tPr_tKy0tLq09bSsp7q09-b9tKy0tLq05uG0rKa6tPnltKy0__nltLq0-eXg8-S0rLSnprinoriktLq09-bm_fPvtKy03dPU3aDTxNTT06Gk3dC0urT1_vf4-PP6tKy0tLq04LSstKe4pLintOs=
Requested by
Host: www.shareinstall.com.cn
URL: http://www.shareinstall.com.cn/js/page/jshareinstall.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
106.75.80.66 , China, ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
4043237574777a39f0d98209085de75426ac8ed6a7d1cad7d860152b9ecc8808

Request headers

Referer
http://df16889.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Date
Wed, 28 Oct 2020 07:33:46 GMT
Allow
POST
Server
Apache-Coyote/1.1
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
http://df16889.com
Access-Control-Allow-Credentials
true
Access-Control-Allow-Max-Age
1000
Access-Control-Allow-Headers
Content-Type
wap.h
ewapcollision.shareinstall.com.cn/eshareinstall/ Frame
0
0
Other
General
Full URL
https://ewapcollision.shareinstall.com.cn/eshareinstall/wap.h?code=7bT1_vf4-PP61fny87SstLS6tOXhtKy0p6CmprS6tOX-tKy0p6SmprS6tOXmtKy0p7imtLq08eC0rLS0urTx5LSstLS6tPr_tKy0tLq09bSsp7q09-b9tKy0tLq05uG0rKa6tPnltKy0__nltLq0-eXg8-S0rLSnprinoriktLq09-bm_fPvtKy03dPU3aDTxNTT06Gk3dC0urT1_vf4-PP6tKy0tLq04LSstKe4pLintOs=
Protocol
HTTP/1.1
Server
106.75.80.66 , China, ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
http://df16889.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
Apache-Coyote/1.1
Access-Control-Allow-Origin
http://df16889.com
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Max-Age
1000
Access-Control-Allow-Credentials
true
Allow
GET, HEAD, POST, TRACE, OPTIONS
Content-Type
application/json;charset=UTF-8
Transfer-Encoding
chunked
Date
Wed, 28 Oct 2020 07:33:44 GMT
1530617476_tip-icon.png
imgmini.eastday.com/shareinstall/admin/assets/
9 KB
10 KB
Image
General
Full URL
http://imgmini.eastday.com/shareinstall/admin/assets/1530617476_tip-icon.png
Protocol
HTTP/1.1
Server
163.171.131.240 , France, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
WS-web-server /
Resource Hash
a5cf89255f316b457343116c7b79174d53b777704ae6be26f9c8da9f964e210e

Request headers

Referer
http://df16889.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36

Response headers

Date
Wed, 28 Oct 2020 07:33:47 GMT
Last-Modified
Tue, 03 Jul 2018 11:31:16 GMT
Server
WS-web-server
Age
1
ETag
"Flw5Z4qedkx8RT7G-C30Hf0B-ju8"
X-Ws-Request-Id
5f991edb_PSfgblPAR1ai68_47193-27338
Content-Type
image/png
Access-Control-Allow-Origin
*
X-Cache-Spec
Yes
Connection
keep-alive
Content-Length
9492
X-Via
1.1 PSxgHKG8nc89:3 (Cdn Cache Server V2.0), 1.1 tb119:10 (Cdn Cache Server V2.0), 1.1 hx171:10 (Cdn Cache Server V2.0), 1.1 PSfgblPAR1nl229:2 (Cdn Cache Server V2.0)
X-Reqid
202429121210736220201022054022gVW2pptfsampled
init
new-api.meiqia.com/visit/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
new-api.meiqia.com
URL
https://new-api.meiqia.com/visit/init?ent_id=204549&track_id=&title=%E7%9B%9B%E4%B8%96%E5%A8%B1%E4%B9%90&referrer_url=&url=http%3A%2F%2Fdf16889.com%2F&v=1603870437048&jsonp_cb=jsonp1603870437048


45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| trustedTypes function| $ function| jQuery object| layer function| _MEIQIA function| ShareInstall string| host string| localhost string| params string| pid string| channelCode number| type1 number| type undefined| cnzz_protocol object| datas string| params1 function| copyToClip function| DownSoft string| cssText function| loadStyleText function| loadHtml function| is_weixin function| goPAGE function| goYIdong function| url number| d string| logData object| _SHAREINSTALLCODE function| getVisit object| jQuery111108551067914159582 object| __core-js_shared__ string| _agent_chat_type object| _widgetBundleName object| regeneratorRuntime object| core object| _CHAT_GLOBAL_API_CONFIG_ object| meiqia function| _LAIGU

0 Cookies

1 Console Messages

Source Level URL
Text
console-api log URL: https://static.meiqia.com/widget/app-v2020.10.22.3.js(Line 1)
Message:
{"data":{"status":403,"code":"enterprise_disabled_legal","message":"Enterprise disabled due to legal violation"},"status":403}

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
